exploitDog

CVE-2025-53820

Опубликовано: 14 июл. 2025

Источник: nvd

CVSS3: 6.5

CVSS3: 6.1

EPSS Низкий

Описание

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the index.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject malicious scripts in the erro parameter. Version 3.4.5 contains a patch for the issue.

Ссылки

https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-9rrm-92jv-xwcv
Exploit
Vendor Advisory
https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-9rrm-92jv-xwcv
Exploit
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:*

Версия до 3.4.5 (исключая)

EPSS

Процентиль: 8%

0.00033

Низкий

6.5 Medium

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-79

EPSS

Процентиль: 8%

0.00033

Низкий

6.5 Medium

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-79